logo
Home/CVEs/CVE-2024-26169/

CVE-2024-26169 - Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability

Project:Microsoft

Product:Windows

Date Added:2024-06-13Due Date:2024-07-04

Vulnerability Name

Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability

Description

Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169

https://nvd.nist.gov/vuln/detail/CVE-2024-26169

Related News Articles

Black Basta ransomware gang linked to Windows zero-day attacksJune 12, 2024

CISA warns of Windows bug exploited in ransomware attacksJune 15, 2024

Black Basta ransomware gang linked to Windows zero-day attacksJune 12, 2024